$ rpki-client -vvf rpki.apnic.net/member_repository/A91C77BD/38937198DF4011E58232734AC4F9AE02/A257A95EA9DC11E9AA03780DC4F9AE02.roa File: A257A95EA9DC11E9AA03780DC4F9AE02.roa (raw, json) Hash identifier: Kqxe3AlQssfHaUaGQ94xh+g433EOzW+NAhxS/kOyvHs= Subject key identifier: 9D:41:93:BD:DE:5B:E2:13:B6:80:97:7B:8C:1C:4A:91:FD:39:21:F1 Certificate issuer: /CN=A91C77BD/serialNumber=A3EB7C435063BC54D3573D81DBDC1873987663E0 Certificate serial: 214C Authority key identifier: A3:EB:7C:43:50:63:BC:54:D3:57:3D:81:DB:DC:18:73:98:76:63:E0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o-t8Q1BjvFTTVz2B29wYc5h2Y-A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C77BD/38937198DF4011E58232734AC4F9AE02/A257A95EA9DC11E9AA03780DC4F9AE02.roa Signing time: Fri 21 Mar 2025 02:45:51 +0000 ROA not before: Fri 21 Mar 2025 02:45:51 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 134707 IP address blocks: 103.196.136.0/22 maxlen: 22 103.196.136.0/24 maxlen: 24 103.196.137.0/24 maxlen: 24 103.196.138.0/24 maxlen: 24 103.196.139.0/24 maxlen: 24 203.189.116.0/22 maxlen: 22 203.189.116.0/24 maxlen: 24 203.189.117.0/24 maxlen: 24 203.189.118.0/24 maxlen: 24 203.189.119.0/24 maxlen: 24 223.25.60.0/22 maxlen: 22 223.25.60.0/24 maxlen: 24 223.25.61.0/24 maxlen: 24 223.25.62.0/24 maxlen: 24 223.25.63.0/24 maxlen: 24 2404:3380::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C77BD/38937198DF4011E58232734AC4F9AE02/o-t8Q1BjvFTTVz2B29wYc5h2Y-A.crl rsync://rpki.apnic.net/member_repository/A91C77BD/38937198DF4011E58232734AC4F9AE02/o-t8Q1BjvFTTVz2B29wYc5h2Y-A.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o-t8Q1BjvFTTVz2B29wYc5h2Y-A.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 15:56:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8524 (0x214c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C77BD, serialNumber=A3EB7C435063BC54D3573D81DBDC1873987663E0 Validity Not Before: Mar 21 02:45:51 2025 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=67dcd2df-2a13 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:21:40:62:98:69:f2:80:fc:50:27:85:87:bd: 5e:e3:77:40:9d:10:b5:b4:33:d7:b4:fd:84:07:aa: 7b:29:5c:df:7f:df:eb:c0:67:5b:66:7c:77:43:91: a5:20:a5:ee:93:ad:99:68:dd:b8:04:11:c0:b2:30: 5a:47:7d:34:9b:4b:b1:79:84:6e:36:2e:10:11:cc: 1d:51:61:08:4d:bb:36:c8:b8:31:99:fc:7c:8f:94: 5a:f3:ea:f1:7e:70:4f:49:65:7a:8d:86:03:ae:a2: 5f:09:e9:af:1f:a9:a1:c1:fc:f4:97:ad:0e:ca:f5: 02:e6:be:7a:9f:81:8e:75:88:f6:ae:99:16:93:7a: 60:df:e2:37:42:6f:7a:c7:dd:38:c5:5c:c3:f5:93: 85:63:24:6f:cd:da:b6:5c:1c:e2:c7:01:2e:b9:3a: 14:5c:db:ae:c7:e8:71:32:34:7d:18:96:03:39:98: 46:ef:8e:b0:00:04:ac:85:65:75:4d:6c:51:44:cb: b2:f1:72:fa:d7:e9:06:17:f0:f2:c8:c1:f1:2a:b5: 72:95:cf:88:54:06:06:5a:3d:7b:e4:50:3d:34:0c: ee:31:7c:e6:46:12:77:d1:15:0d:11:89:d1:cf:d1: 41:52:ab:f2:f1:d3:68:18:9e:fa:86:ce:11:e3:d4: 82:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:41:93:BD:DE:5B:E2:13:B6:80:97:7B:8C:1C:4A:91:FD:39:21:F1 X509v3 Authority Key Identifier: keyid:A3:EB:7C:43:50:63:BC:54:D3:57:3D:81:DB:DC:18:73:98:76:63:E0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C77BD/38937198DF4011E58232734AC4F9AE02/o-t8Q1BjvFTTVz2B29wYc5h2Y-A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o-t8Q1BjvFTTVz2B29wYc5h2Y-A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C77BD/38937198DF4011E58232734AC4F9AE02/A257A95EA9DC11E9AA03780DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.196.136.0/22 203.189.116.0/22 223.25.60.0/22 IPv6: 2404:3380::/32 Signature Algorithm: sha256WithRSAEncryption 21:46:7c:54:9a:f7:65:24:b2:cd:87:1e:5e:0c:31:2c:92:16: 64:77:b2:10:33:47:f4:fa:65:59:fc:a5:e3:d2:e1:a6:3c:81: f0:da:fb:f1:06:26:8a:00:35:cb:89:cd:3b:0c:6c:bc:58:61: 77:7e:4f:c7:da:0f:01:b3:8c:25:cc:a7:24:3c:ce:82:c7:51: 9d:9b:96:a5:16:e8:9d:2a:f0:3f:4f:b1:14:1b:7b:af:55:77: a3:b8:a5:8f:26:0e:3e:4f:70:f4:d1:70:8b:86:4c:f3:79:40: e8:17:57:22:7a:d4:18:2f:69:0e:0a:f2:0f:ba:01:d2:b4:4d: c2:f7:ad:18:39:53:28:8e:d5:f5:f8:62:39:30:77:0b:3a:62: fa:73:b3:bd:6c:e2:46:01:59:f5:63:aa:6e:65:4e:e1:d9:09: c6:74:62:10:61:26:11:65:03:27:15:a9:59:5e:5b:17:05:27: 61:55:90:9a:da:e8:d0:cf:36:8a:db:65:7c:02:66:61:a6:21: 92:dd:6d:f5:7e:ee:ac:bb:03:85:0e:a4:96:d1:e3:56:24:39: cb:64:3a:1f:77:65:c8:be:6f:a0:2f:7a:3a:84:c6:f7:83:12: d8:08:14:75:f4:a6:a1:64:0a:8b:c3:a2:a8:74:4d:46:a3:fb: 8a:2e:8d:ab -----BEGIN CERTIFICATE----- MIIFjDCCBHSgAwIBAgICIUwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Qzc3QkQxMTAvBgNVBAUTKEEzRUI3QzQzNTA2M0JDNTREMzU3M0Q4MURCREMxODcz OTg3NjYzRTAwHhcNMjUwMzIxMDI0NTUxWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2RjZDJkZi0yYTEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxCFAYphp8oD8UCeFh71e43dAnRC1tDPXtP2EB6p7KVzff9/rwGdbZnx3Q5Gl IKXuk62ZaN24BBHAsjBaR300m0uxeYRuNi4QEcwdUWEITbs2yLgxmfx8j5Ra8+rx fnBPSWV6jYYDrqJfCemvH6mhwfz0l60OyvUC5r56n4GOdYj2rpkWk3pg3+I3Qm96 x904xVzD9ZOFYyRvzdq2XBzixwEuuToUXNuux+hxMjR9GJYDOZhG746wAASshWV1 TWxRRMuy8XL61+kGF/DyyMHxKrVylc+IVAYGWj175FA9NAzuMXzmRhJ30RUNEYnR z9FBUqvy8dNoGJ76hs4R49SCcwIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFJ1Bk73e W+ITtoCXe4wcSpH9OSHxMB8GA1UdIwQYMBaAFKPrfENQY7xU01c9gdvcGHOYdmPg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNzdCRC8zODkzNzE5OERG NDAxMUU1ODIzMjczNEFDNEY5QUUwMi9vLXQ4UTFCanZGVFRWejJCMjl3WWM1aDJZ LUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL28tdDhRMUJqdkZUVFZ6MkIyOXdZYzVoMlktQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Qzc3QkQvMzg5MzcxOThERjQwMTFFNTgyMzI3MzRBQzRGOUFFMDIvQTI1N0E5NUVB OURDMTFFOUFBMDM3ODBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E KzApMBgEAgABMBIDBAJnxIgDBALLvXQDBALfGTwwDQQCAAIwBwMFACQEM4AwDQYJ KoZIhvcNAQELBQADggEBACFGfFSa92Ukss2HHl4MMSySFmR3shAzR/T6ZVn8pePS 4aY8gfDa+/EGJooANcuJzTsMbLxYYXd+T8faDwGzjCXMpyQ8zoLHUZ2blqUW6J0q 8D9PsRQbe69Vd6O4pY8mDj5PcPTRcIuGTPN5QOgXVyJ61BgvaQ4K8g+6AdK0TcL3 rRg5UyiO1fX4Yjkwdws6Yvpzs71s4kYBWfVjqm5lTuHZCcZ0YhBhJhFlAycVqVle WxcFJ2FVkJra6NDPNorbZXwCZmGmIZLdbfV+7qy7A4UOpJbR41YkOctkOh93Zci+ b6AvejqExveDEtgIFHX0pqFkCovDoqh0TUaj+4oujas= -----END CERTIFICATE-----Generated at Sat Apr 26 13:07:37 2025 by rpki-client